Codebase list golang-golang-x-sys / 0703470
windows: add WinVerifyTrustEx function This commit adds the function and the required structs for it. This is the same as the WinVerifyTrust function but has the more correct signature. https://docs.microsoft.com/en-us/windows/win32/api/wintrust/nf-wintrust-winverifytrustex Change-Id: I43ae20302ba85a6ae1fc32ad4c34b59bee0a6a35 Reviewed-on: https://go-review.googlesource.com/c/sys/+/285715 Run-TryBot: Jason A. Donenfeld <Jason@zx2c4.com> TryBot-Result: Go Bot <gobot@golang.org> Trust: Jason A. Donenfeld <Jason@zx2c4.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Jason A. Donenfeld 3 years ago
3 changed file(s) with 98 addition(s) and 0 deletion(s).
2121
2222 const (
2323 InvalidHandle = ^Handle(0)
24 InvalidHWND = ^HWND(0)
2425
2526 // Flags for DefineDosDevice.
2627 DDD_EXACT_MATCH_ON_REMOVE = 0x00000004
283284 //sys CertFindExtension(objId *byte, countExtensions uint32, extensions *CertExtension) (ret *CertExtension) = crypt32.CertFindExtension
284285 //sys CryptQueryObject(objectType uint32, object unsafe.Pointer, expectedContentTypeFlags uint32, expectedFormatTypeFlags uint32, flags uint32, msgAndCertEncodingType *uint32, contentType *uint32, formatType *uint32, certStore *Handle, msg *Handle, context *unsafe.Pointer) (err error) = crypt32.CryptQueryObject
285286 //sys CryptDecodeObject(encodingType uint32, structType *byte, encodedBytes *byte, lenEncodedBytes uint32, flags uint32, decoded unsafe.Pointer, decodedLen *uint32) (err error) = crypt32.CryptDecodeObject
287 //sys WinVerifyTrustEx(hwnd HWND, actionId *GUID, data *WinTrustData) (ret error) = wintrust.WinVerifyTrustEx
286288 //sys RegOpenKeyEx(key Handle, subkey *uint16, options uint32, desiredAccess uint32, result *Handle) (regerrno error) = advapi32.RegOpenKeyExW
287289 //sys RegCloseKey(key Handle) (regerrno error) = advapi32.RegCloseKey
288290 //sys RegQueryInfoKey(key Handle, class *uint16, classLen *uint32, reserved *uint32, subkeysLen *uint32, maxSubkeyLen *uint32, maxClassLen *uint32, valuesLen *uint32, maxValueNameLen *uint32, maxValueLen *uint32, saLen *uint32, lastWriteTime *Filetime) (regerrno error) = advapi32.RegQueryInfoKeyW
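Review bot: The new `//sys WinVerifyTrustEx(...) (ret error)` declaration has no comment telling callers how to read the result, and this call is a trust decision. The generated wrapper shown further down the page turns every non-zero return into a `syscall.Errno`, so a nil error is the only success signal. A caller that matches a few known codes and lets the rest fall through as success would accept a subject that was not verified. I would add above the declaration: `// WinVerifyTrustEx returns nil only when the trust provider verified the subject; any non-nil error is a syscall.Errno carrying the wintrust status and must be treated as untrusted.`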
519519 REALTIME_PRIORITY_CLASS = 0x00000100
520520 )
521521
522 /* wintrust.h constants for WinVerifyTrustEx */
523 const (
524 WTD_UI_ALL = 1
525 WTD_UI_NONE = 2
526 WTD_UI_NOBAD = 3
527 WTD_UI_NOGOOD = 4
528
529 WTD_REVOKE_NONE = 0
530 WTD_REVOKE_WHOLECHAIN = 1
531
532 WTD_CHOICE_FILE = 1
533 WTD_CHOICE_CATALOG = 2
534 WTD_CHOICE_BLOB = 3
535 WTD_CHOICE_SIGNER = 4
536 WTD_CHOICE_CERT = 5
537
538 WTD_STATEACTION_IGNORE = 0x00000000
539 WTD_STATEACTION_VERIFY = 0x00000010
540 WTD_STATEACTION_CLOSE = 0x00000002
541 WTD_STATEACTION_AUTO_CACHE = 0x00000003
542 WTD_STATEACTION_AUTO_CACHE_FLUSH = 0x00000004
543
544 WTD_USE_IE4_TRUST_FLAG = 0x1
545 WTD_NO_IE4_CHAIN_FLAG = 0x2
546 WTD_NO_POLICY_USAGE_FLAG = 0x4
547 WTD_REVOCATION_CHECK_NONE = 0x10
548 WTD_REVOCATION_CHECK_END_CERT = 0x20
549 WTD_REVOCATION_CHECK_CHAIN = 0x40
550 WTD_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT = 0x80
551 WTD_SAFER_FLAG = 0x100
552 WTD_HASH_ONLY_FLAG = 0x200
553 WTD_USE_DEFAULT_OSVER_CHECK = 0x400
554 WTD_LIFETIME_SIGNING_FLAG = 0x800
555 WTD_CACHE_ONLY_URL_RETRIEVAL = 0x1000
556 WTD_DISABLE_MD2_MD4 = 0x2000
557 WTD_MOTW = 0x4000
558
559 WTD_UICONTEXT_EXECUTE = 0
560 WTD_UICONTEXT_INSTALL = 1
561 )
562
522563 var (
523564 OID_PKIX_KP_SERVER_AUTH = []byte("1.3.6.1.5.5.7.3.1\x00")
524565 OID_SERVER_GATED_CRYPTO = []byte("1.3.6.1.4.1.311.10.3.3\x00")
525566 OID_SGC_NETSCAPE = []byte("2.16.840.1.113730.4.1\x00")
567
568 WINTRUST_ACTION_GENERIC_VERIFY_V2 = GUID{
569 Data1: 0xaac56b,
570 Data2: 0xcd44,
571 Data3: 0x11d0,
572 Data4: [8]byte{0x8c, 0xc2, 0x0, 0xc0, 0x4f, 0xc2, 0x95, 0xee},
573 }
526574 )
527575
528576 // Pointer represents a pointer to an arbitrary Windows type.
12821330 // Not implemented
12831331 }
12841332
1333 type CertStrongSignPara struct {
1334 Size uint32
1335 InfoChoice uint32
1336 InfoOrSerializedInfoOrOID unsafe.Pointer
1337 }
1338
1339 type WinTrustData struct {
1340 Size uint32
1341 PolicyCallbackData uintptr
1342 SIPClientData uintptr
1343 UIChoice uint32
1344 RevocationChecks uint32
1345 UnionChoice uint32
1346 FileOrCatalogOrBlobOrSgnrOrCert unsafe.Pointer
1347 StateAction uint32
1348 StateData Handle
1349 URLReference *uint16
1350 ProvFlags uint32
1351 UIContext uint32
1352 SignatureSettings *WinTrustSignatureSettings
1353 }
1354
1355 type WinTrustFileInfo struct {
1356 Size uint32
1357 FilePath *uint16
1358 File Handle
1359 KnownSubject *GUID
1360 }
1361
1362 type WinTrustSignatureSettings struct {
1363 Size uint32
1364 Index uint32
1365 Flags uint32
1366 SecondarySigs uint32
1367 VerifiedSigIndex uint32
1368 CryptoPolicy *CertStrongSignPara
1369 }
1370
12851371 const (
12861372 // do not reorder
12871373 HKEY_CLASSES_ROOT = 0x80000000 + iota
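Review bot: `WinTrustData`, `WinTrustFileInfo`, `WinTrustSignatureSettings` and `CertStrongSignPara` are added without doc comments, and their contract cannot be read from the field names alone. Each struct has a `Size` field that the caller has to fill in, and `FileOrCatalogOrBlobOrSgnrOrCert` is an `unsafe.Pointer` that must point at the struct type selected by `UnionChoice` (one of the `WTD_CHOICE_*` values). I would document that on the type, for example `// WinTrustData mirrors WINTRUST_DATA; set Size to uint32(unsafe.Sizeof(WinTrustData{})) and point FileOrCatalogOrBlobOrSgnrOrCert at the struct named by UnionChoice.` I would also add a line saying that a call with `WTD_STATEACTION_VERIFY` should be followed by one with `WTD_STATEACTION_CLOSE` to release `StateData`. Because `WTD_REVOKE_NONE` is 0, a `WinTrustData` whose `RevocationChecks` is left at its zero value appears to request no additional revocation checking; a comment on that constant group would make the default explicit.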
5050 modshell32 = NewLazySystemDLL("shell32.dll")
5151 moduser32 = NewLazySystemDLL("user32.dll")
5252 moduserenv = NewLazySystemDLL("userenv.dll")
53 modwintrust = NewLazySystemDLL("wintrust.dll")
5354 modws2_32 = NewLazySystemDLL("ws2_32.dll")
5455 modwtsapi32 = NewLazySystemDLL("wtsapi32.dll")
5556
353354 procCreateEnvironmentBlock = moduserenv.NewProc("CreateEnvironmentBlock")
354355 procDestroyEnvironmentBlock = moduserenv.NewProc("DestroyEnvironmentBlock")
355356 procGetUserProfileDirectoryW = moduserenv.NewProc("GetUserProfileDirectoryW")
357 procWinVerifyTrustEx = modwintrust.NewProc("WinVerifyTrustEx")
356358 procFreeAddrInfoW = modws2_32.NewProc("FreeAddrInfoW")
357359 procGetAddrInfoW = modws2_32.NewProc("GetAddrInfoW")
358360 procWSACleanup = modws2_32.NewProc("WSACleanup")
30223024 return
30233025 }
30243026
3027 func WinVerifyTrustEx(hwnd HWND, actionId *GUID, data *WinTrustData) (ret error) {
3028 r0, _, _ := syscall.Syscall(procWinVerifyTrustEx.Addr(), 3, uintptr(hwnd), uintptr(unsafe.Pointer(actionId)), uintptr(unsafe.Pointer(data)))
3029 if r0 != 0 {
3030 ret = syscall.Errno(r0)
3031 }
3032 return
3033 }
3034
30253035 func FreeAddrInfoW(addrinfo *AddrinfoW) {
30263036 syscall.Syscall(procFreeAddrInfoW.Addr(), 1, uintptr(unsafe.Pointer(addrinfo)), 0, 0)
30273037 return